CYBERNEWSMEDIA Network:||
CYBERNEWSMEDIA
CYBERNEWSMEDIA

Cybersecurity News, Insights & Analysis

Latest
TrueConf Zero-Day Exploited in Asian Government Attacks
In Other News: ChatGPT Data Leak, Android Rootkit, Water Facility Hit by Ransomware
Critical ShareFile Flaws Lead to Unauthenticated RCE
Mobile Attack Surface Expands as Enterprises Lose Control
React2Shell Exploited in Large-Scale Credential Harvesting Campaign
AD · 970×250

Mobile & Wireless

July 2025 Breaks a Decade of Monthly Android Patches

Since August 2015, Google has delivered a constant stream of monthly security patches for Android. Until July 2025. The post July 2025 Breaks a Decade of Monthly Android Patches appeared first on SecurityWeek.

Android vulnerability

Google this week announced that no security patches have been released for Android, Pixel devices, and other Android-based platforms this month, ending a decade-long streak of security updates.

As customary in the first week of each month, security bulletins were published for the core Android operating system, as well as for Pixel devices, Android Automotive OS (AAOS), Wear OS, and Pixel Watch, but they all contain the same message: there are no security patches in the July 2025 bulletin.

This is the first month without security updates since Google started rolling out monthly Android fixes in August 2015, looking to make the mobile operating system safer for both users and vendors.

The lack of security patches for July 2025 does not mean that Android has reached perfection in terms of security, albeit Google has made significant efforts to reduce the incidence of vulnerabilities across the ecosystem and to reduce the overall attack surface.

For example, the internet giant has added protections to make the exploitation of memory safety bugs such as use-after-free vulnerabilities more difficult, and adopted Rust, a programming language that is not plagued by the memory safety hazards C++ has.

The adoption of Rust has led to a significant drop in memory safety bugs in Android, Google said in September 2024, a trend expected to continue as new code is developed using the memory-safe programming language, while the older code matures.

Since kicking off the practice of monthly security fixes in response to the critical Stagefright vulnerabilities, Google has fixed close to 8,000 flaws in Android, with each of the monthly rollouts also addressing dozens of issues in software from chip makers and other third-party components.

For example, Qualcomm this week announced patches for multiple critical- and high-severity defects, while MediaTek warned of high-severity issues in its chipsets, and the lack of July 2025 security updates for Android may delay the delivery of some of these fixes for billions of users.

During the first half of 2025, Google shipped fixes for roughly 270 vulnerabilities in Android and its third-party components, including six zero-days. Since August 2015, it has patched around 40 zero-days in the platform.

Related: Over 30 Vulnerabilities Patched in Android

Related: Android Update Patches FreeType Vulnerability Exploited as Zero-Day

Related: Android Update Patches Two Exploited Vulnerabilities

Related: Google Patches Pair of Exploited Vulnerabilities in Android

Latest News

CYBERNEWSMEDIAPublisher